Iran-Linked Hackers Use New Cavern C2 Framework to Target Israeli Organizations
ID: 2ff2f1b8-4403-5e34-8ae9-b5b65161baf6
STIX ID: report--2ff2f1b8-4403-5e34-8ae9-b5b65161baf6
Feed Name: The Hacker News
An Iranian MOIS-linked APT cluster called Cavern Manticore is using a newly documented modular command-and-control framework (Cavern/Cav3rn) to target Israeli organizations and IT providers via a SysAid DLL side-loading supply-chain compromise; the framework uses mixed .NET compilation formats, loads modular post-exploitation DLLs (mhm.dll, db.dll, ode.dll, n-ten.dll, n-sws.dll), and has been observed performing reconnaissance, credential access, tunneling, lateral movement, and data exfiltration.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
